Changes between Version 84 and Version 85 of ServerIntro


Ignore:
Timestamp:
Apr 15, 2015, 11:59:31 AM (10 years ago)
Author:
davea
Comment:

--

Legend:

Unmodified
Added
Removed
Modified

  • ServerIntro

    v84 v85  
    150150
    151151=== MySQL notes === #MySQL-notes
    152  * After installing and running the server,
    153    grant permissions for the 'db_user' account (usually boincadm).
    154    The 'db_name' is usually the short name of the project.
    155    The credentials (db_user, db_name, db_passwd) are stored in the project's [ProjectOptions#db config.xml].
    156    All MySQL accounts should be password protected, especially `root`.
    157 {{{
    158 mysql -u root
    159 CREATE USER 'db_user'@'localhost' IDENTIFIED BY 'db_passwd';
    160 GRANT CREATE,DROP ON *.* TO 'db_user'@'localhost'
    161 GRANT SELECT,INSERT,UPDATE,DELETE,CREATE,REFERENCES,INDEX,ALTER,CREATE TEMPORARY TABLES, LOCK TABLES ON  `db_name`.* TO 'db_user'@'localhost';
    162 }}}
    163 Existing projects should change the permissions accordingly by first revoking
    164 all rights and grant with the above example. The user 'nobody' means the
    165 account under which Apache runs (may be different on your machine) which does
    166 not need access anymore.
    167 {{{
    168 mysql -u root
    169 REVOKE ALL PRIVILEGES ON  *.* FROM  'db_user'@'localhost';
    170 REVOKE ALL PRIVILEGES ON  *.* FROM  'db_user';
    171 REVOKE ALL PRIVILEGES ON  *.* FROM  'nobody'@'localhost';
    172 REVOKE ALL PRIVILEGES ON  *.* FROM  'nobody';
    173 }}}
    174 After creating a project you should also revoke the global DROP and CREATE
    175 permission for your 'db_user' like this:
    176 {{{
    177 REVOKE ALL PRIVILEGES ON *.* FROM 'db_user'@'localhost';
    178 REVOKE GRANT OPTION ON * . * FROM 'db_user'@'localhost';
    179 GRANT USAGE ON *.* TO 'db_user'@'localhost';
    180 }}}
    181  * Set your `PATH` environment variable to include MySQL programs
    182    (typically `/usr/local/mysql` and `/usr/local/mysql/bin`).
    183  * You'll need to back up your database.
    184    Generally this requires stopping the project,
    185    making a copy or snapshot, and restarting.
    186    An example is [//mysql_backup.txt here].
     152Instructions for setting up MySQL are here:
     153https://dev.mysql.com/doc/refman/5.6/en/linux-installation-yum-repo.html
     154
     155After setting up MySQL,
     156create a MySQL account for the project owner.
     157We'll use the name '''boincadm''', same as the Unix account.
     158All MySQL accounts should be password protected;
     159we'll use "foobar" (use something different).
     160{{{
     161mysql -u root -p
     162CREATE USER 'boincadm'@'localhost' IDENTIFIED BY 'foobar';
     163GRANT ALL ON *.* TO 'boincadm'@'localhost';
     164}}}
     165This gives boincadm access to all MySQL databases on the host;
     166if you use MySQL for other purposes on the host,
     167set permissions more restrictively.
     168
     169Other notes:
     170 * Set boincadm's `PATH` environment variable to include MySQL programs
     171  (typically `/usr/local/mysql` and `/usr/local/mysql/bin`).
     172 * You'll want to back up your database periodically.
     173  Generally this requires stopping the project,
     174  making a copy or snapshot, and restarting.
     175  An example is [//mysql_backup.txt here].
    187176 * BOINC gets MySQL compiler and linker flags from a program called
    188177   `mysql_config` which comes with your MySQL distribution.
     
    353342phpmyadmin
    354343python
    355 python-mysqldb
     344python-mysqldb (or MySQL-python)
    356345libssl-dev
    357346libcurl4-openssl-dev
     
    397386
    398387=== Create a new BOINC user account === #cookbook-useraccount
    399 The best way to create the boinc user is during installation when you are asked for name and password of the main user. Enter 'boincadm', or a name of your choice, as login name. In this cookbook I will refer to this useraccount as 'boincadm'.
    400 
    401 When installation is finished please login as the user created during installation. If you have installed a graphical desktop manager please open a text console (Konsole or xterm).
     388The best way to create the boinc user is during installation
     389when you are asked for name and password of the main user.
     390Enter 'boincadm', or a name of your choice, as login name.
     391In this cookbook I will refer to this useraccount as 'boincadm'.
     392
     393When installation is finished please login as the user created during installation.
     394If you have installed a graphical desktop manager please open a text console (Konsole or xterm).
    402395
    403396Next step is to add the 'www-data' user (apache webserver) to the group of the newly created user: